Blog > Data protection and RGPD | Whistleblowing channel

New European directive on anonymous whistleblowing channel for companies

by | 21 Oct, 2021

Contenido del artículo

European Directive on Complaints Channel

On 21st December, the obligation for all companies with more than 249 workers to have a complaints channel, as required by the European Parliament Directive of 23 October 2019, comes into force. By the end of 2023 it will be mandatory for all private and public companies with at least 50 employees, so most companies are already moving to purchase the best whistleblowing channelsoftware solution.

On AEPD’s blog last post, they emphasize the importance of choosing a solution that respects the basic principles of data protection. Over the next few months, all kinds of solutions will be promoted to implement your own online reporting channel, you can even find free reporting channels, but… Who guarantees that they have the security and privacy measures required by law?

How to comply with the law in your whistleblower channel?

The most important thing is to preserve the anonymity and privacy of the complainant. The entire process can be handled internally and confidentially until it is resolved, but measures must be in place to ensure its integrity, which is why free whistleblowing channel software is not at all recommended.

If your company were to suffer a security breach through its whistleblowing channel and personal data were to be leaked, it could be fined up to €600,000.

These are the requirements that every reporting channel must meet:

1

Guarantee the confidentiality of the identity of the complainant.

2

Designate a person, internal or external, as the person responsible for the complaints channel.

3

The person responsible must acknowledge receipt of the complaints filed, no later than 7 days after receipt.

4

Finally, the complaint must be responded to within a maximum period of 3 months from the issuance of the acknowledgment of receipt.

5

Access must be external to the corporate network because it is not just a tool for internal staff. Anyone related to the company should be able to report.

6

It must have the necessary measures to avoid security breaches, the most basic are:
  • To work on a secure connection protocole
  • To be hosted on a private server which warrants safety measures.
  • We recommend using an EU-based whistleblowing channel software, due to legislative differences that may exist in other countries.

Your online whistleblower channel that complies with the European directive from 150 €/year

With Edorteam you’ll a get totally safe and confidential whistleblowing channel solution.

Ask for a trial

Why a web form does not make the same function?

Until now, a whistleblowing channel could be a phone number, email or web form, but these channels do not fully guarantee the privacy of the complainant and have some risks. Let’s see why it is a bad idea:

x

In order to acknowledge and respond to the complaint, the complainant must provide some contact details (email, phone number or postal address).

x

This obligation to disclose some contact data, even if only the person responsible for the channel knows it, may act as a deterrent to some people who are thinking about reporting.

x

The data sent by a web form is received on an email address. This is a data security risk, which could lead to a security breach, especially if the account is managed by more than one person.

Email is one of the most common hacker’s target and an important human mistake’s source. Do not use it as a whistleblowing channel for your company.

E-book: your anonymous whistleblowing channel as required by law

We explain how does Edorteam’s whistleblowing channel softwarework.

Download e-book

Complies with European standards for complaint channel with Edorteam

Our technical and legal professionals will guide you throughout the process and train your team in software usage’s best practices. In addition, you will have at your disposal your Edorteam consultant for technical support whenever you need it.

You can count on us to guide you through this process not only because you are required to do so by law, but also to grow your company’s ethical culture.

Given the positive effects it will have on the confidence and behavior of your employees, the sooner you implement your online whistleblowing channel, the sooner you will see the benefits, don’t wait until you are forced by law!

canal de denuncias online

Request information

Follow us on social media

company compliance, data confidentiality, online whistleblowing channel, prevention of criminal risks, regulatory compliance, secure connection, whistleblowing channel software

Related posts

13 Comments

  1. Drako Mendez
    Drako Mendez on 27 de March de 2023 at 03:51

    ¡Interesante discusión! ¿Qué opinan sobre la protección de datos en los canales de denuncias?

    Reply
  2. Maira Garriga
    Maira Garriga on 9 de April de 2023 at 23:33

    ¡Interesante tema! ¿Qué opinan sobre la protección de datos en canales de denuncia? 🤔

    Reply
  3. Prudencio Carrillo
    Prudencio Carrillo on 25 de April de 2023 at 13:05

    ¡Vaya multa por filtración de datos! ¿Crees que las empresas cumplirán con esta directiva?

    Reply
    • Diego Guardiola
      Diego Guardiola on 26 de April de 2023 at 01:05

      ¡Las empresas siempre buscan la manera de evadir responsabilidades! No confío en que cumplan con la directiva, a menos que les duela en el bolsillo. ¡Es hora de que se tomen en serio la protección de datos de los usuarios!

      Reply
  4. Gonzalo
    Gonzalo on 15 de June de 2023 at 04:32

    ¡Interesante discusión! ¿Qué medidas tomarías para evitar multas por filtración de datos? 🤔

    Reply
    • Georgia
      Georgia on 15 de June de 2023 at 10:32

      ¡Buena pregunta! Para evitar multas por filtración de datos, lo primero es cumplir con regulaciones de protección de datos como el GDPR. Implementar medidas de seguridad robustas, capacitación constante del personal y realizar auditorías internas regularmente son clave. ¡La prevención es la mejor defensa! 👍

      Reply
  5. Pablo
    Pablo on 21 de July de 2023 at 18:04

    ¡Vaya, menudo lío con estas normativas europeas y las filtraciones de datos!

    Reply
    • Marcos Medrano
      Marcos Medrano on 22 de July de 2023 at 00:04

      ¡Así es, la privacidad en línea es un tema complicado pero necesario. No podemos ignorar las regulaciones europeas, debemos proteger nuestros datos. Mejor prevenir que lamentar, ¡cuidemos nuestra información personal en la red! La seguridad es primordial. ¡Buena reflexión! 👍🔒🌐

      Reply
  6. Valentino
    Valentino on 20 de August de 2023 at 06:53

    ¡Interesante debate! ¿Realmente vale la pena el riesgo de filtración de datos personales?

    Reply
  7. Damara
    Damara on 21 de October de 2023 at 19:23

    ¿Y si la filtración es accidental? ¿Cómo protegerse? ¡La ley es complicada!

    Reply
    • Ivette
      Ivette on 22 de October de 2023 at 05:23

      ¡Siempre es importante tomar precauciones! Asegúrate de tener medidas de seguridad en tu dispositivo y manejar la información con cuidado. La ley puede ser complicada, pero la responsabilidad personal también es clave. ¡Mejor prevenir que lamentar! ¡Buena suerte!

      Reply
  8. Sandalio Tejada
    Sandalio Tejada on 5 de February de 2024 at 00:09

    ¿Y si la ley pone en riesgo la privacidad de los denunciantes? 🤔

    Reply
  9. Alan Barroso
    Alan Barroso on 7 de February de 2024 at 18:06

    ¿Y si la empresa no puede pagar la multa de 600,000 euros? ¡Sería un desastre!

    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *